Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001858)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001858 advisory. The onlinepages function in mm/memoryhotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service NULL pointer dereference and system cra...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001910)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001910 advisory. The sctpassocupdate function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a deni...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003389 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscryptdopagecrypto in fs/crypto/crypto.c when operating on a fil...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002365 advisory. The pmdnoneortranshugeorclearbad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003526)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003526 advisory. In the Linux kernel through 4.14.13, the rdscmsgatomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leadin...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001850)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001850 advisory. arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service NULL pointer dereference,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002309 advisory. The rdsibladdrcheck function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service NULL pointer dereference and system...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002307 advisory. The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during th...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002990)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002990 advisory. The rngapireset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service NULL pointer dereference. Tenable has extracted...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002662 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003409 advisory. drivers/net/usb/asixdevices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possib...

CVE-2025-68820

A NULL pointer dereference vulnerability was found in the Linux kernel's ext4 filesystem extended attribute handling. When ext4getinodeloc fails with an error such as -EFSCORRUPTED, the iloc.bh buffer head remains NULL. The ext4xattrinodedecrefall function lacks error checking and proceeds to cal...

CVE-2026-21300

Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21288

Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user...

CLSA-2026-1768411712 php: Fix of 2 CVEs

CVE-2025-1220: fix null byte termination in hostnames - CVE-2025-6491: fix NULL pointer dereference in PHP SOAP extension via large XML namespace prefix...

CVE-2025-8090

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

CVE-2025-71135

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5storegroupthreadcnt The variable mddev-private is first assigned to conf and then checked: conf = mddev-private; if !conf ... If conf is NULL, then mddev-private is also...

UBUNTU-CVE-2025-71124

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check Move the call to preemptpreparepostamble after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in preemptpreparepostamble...

CVE-2025-71118 ACPICA: Avoid walking the Namespace if start_node is NULL

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 "ACPICA: Avoid walking the ACPI Namespace if it is not there" fixed the situation when both startnode and acpigblrootnode are NULL, the Linux...

CVE-2025-71118 ACPICA: Avoid walking the Namespace if start_node is NULL

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 "ACPICA: Avoid walking the ACPI Namespace if it is not there" fixed the situation when both startnode and acpigblrootnode are NULL, the Linux...